Browswer Redirects

Recommended Posts

I have been fighting with this for entirely too long. I run Microsoft Security Essentials all the time and now can not update it. I also get redirected on any search I do. I have tried Ad-Aware, Malware Bytes and have even installed PCTools Spyware Doctor. They will all pick up things but can't seem to completely root out the problem. Last night I even tried Combo Fix and it said it did the work but everything is still the same again today.

Share this post

Link to post

Share on other sites

Also of note, I was not able to post the logs to this website from my computer. I had to post it from another computer. Not sure if it is blocking me posting here or what but it seems strange I could send it the first try from a different computer.

Share this post

Link to post

Share on other sites

Thank you Blade, for your help. I'm sorry I ran ComboFix, I hope it doesn't mess up anything now. I only ran it because I found it on another site, before I found this place. I was desperate and willing to try just about anything.

6/19/2010 9:51:52 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.

6/19/2010 9:51:52 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

6/16/2010 1:12:00 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.

6/16/2010 1:12:00 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.

6/16/2010 1:12:00 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

6/16/2010 1:12:00 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBT service which failed to start because of the following error: A device attached to the system is not functioning.

6/15/2010 9:27:46 AM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 2 time(s).

6/15/2010 9:22:07 AM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.

6/15/2010 5:32:52 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PC Tools Security Service service to connect.

6/15/2010 5:32:52 PM, error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

6/15/2010 5:32:22 PM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).

6/15/2010 5:18:39 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.

6/14/2010 12:19:12 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

6/14/2010 1:17:48 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

6/13/2010 8:43:13 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Search service to connect.

6/13/2010 8:43:13 PM, error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

6/13/2010 8:43:13 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

6/13/2010 8:39:58 PM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).

6/13/2010 8:39:47 PM, error: Service Control Manager [7031] - The Remote Registry service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

6/13/2010 7:29:36 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).

6/13/2010 7:28:25 PM, error: Service Control Manager [7034] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s).

6/13/2010 7:28:25 PM, error: Service Control Manager [7034] - The SSDP Discovery Service service terminated unexpectedly. It has done this 1 time(s).

6/13/2010 7:28:17 PM, error: Service Control Manager [7034] - The WebClient service terminated unexpectedly. It has done this 1 time(s).

6/13/2010 7:06:16 PM, error: Service Control Manager [7034] - The Terminal Services service terminated unexpectedly. It has done this 1 time(s).

6/13/2010 7:06:16 PM, error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.

6/13/2010 12:28:01 AM, error: Service Control Manager [7034] - The SystemSuite Task Manager service terminated unexpectedly. It has done this 1 time(s).

6/13/2010 11:02:17 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

6/13/2010 10:59:35 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.

6/13/2010 10:59:35 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Background Intelligent Transfer Service service, but this action failed with the following error: An instance of the service is already running.

6/13/2010 10:57:37 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

6/13/2010 10:18:53 AM, error: Service Control Manager [7034] - The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s).

6/13/2010 10:18:50 AM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Share this post

Link to post

Share on other sites

Good. Are you still noticing any problems? If not, it's time to secure your system to prevent against further intrusions.

THESE STEPS ARE VERY IMPORTANT

Let's reset system restore

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: You will lose all previous restore points which are likely to be infected. Please note you need Administrator Access to do clean the restore points.

The tool will delete itself once it finishes, if not delete it by yourself.

Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

UPDATING WINDOWS AND INTERNET EXPLORER

IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site to get the critical updates.

If you are running Microsoft Office, or any portion thereof, go to the Microsoft's Office Update site and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.

Make your Internet Explorer more secure

This can be done by following these simple instructions:

From within Internet Explorer click on the Tools menu and then click on Options.

Click once on the Security tab

Click once on the Internet icon so it becomes highlighted.

Click once on the Custom Level button.

Change the Download signed ActiveX controls to Prompt

Change the Download unsigned ActiveX controls to Disable

Change the Initialize and script ActiveX controls not marked as safe to Disable

Change the Installation of desktop items to Prompt

Change the Launching programs and files in an IFRAME to Prompt

Change the Navigate sub-frames across different domains to Prompt

When all these settings have been made, click on the OK button.

If it prompts you as to whether or not you want to save the settings, press the Yes button.

Next press the Apply button and then the OK to exit the Internet Properties page.

The following are recommended third party programs that are designed to keep your computer clean. A link as well as a brief description is included with each item.

hosts file:

Every version of windows has a hosts file as part of them.

In a very basic sense, they are used to locate webpages.

We can customize a hosts file so that it blocks certain webpages.

However, it can slow down certain computers.

This is why using a hosts file is optional!!

Download it here. Make sure you read the instructions on how to install the hosts file. There is a good tutorial here

If you decide to download the hosts file, the slowdown problems can usually be avoided by following these steps:

Click the start button (at the lower left hand corner of your screen)

Click run

In the dialog box, type services.msc

hit enter, then locate dns client

Highlight it, then double-click it.

On the dropdown box, change the setting from automatic to manual.

Click ok

Run Secunia vulnerability check here and fix its findings.Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. For more info, check this webpage out.

If you don't have a 3rd party firewall or a router behind NAT then I recommend getting one. I recommend either Online Armor Free or Comodo Firewall Pro (If you choose Comodo: Uncheck during installation Install Comodo HopSurf.., Make Comodo my default search provider and Make Comodo Search my homepage and install firewall ONLY!). Both providers have support forums that help with configuration related questions.

Just a final reminder for you. I am trying to stress these two points.

UPDATE UPDATE UPDATE!!! Make sure you do this about every 1-2 weeks.

Make sure all of your security programs are up to date.

Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Once again, please post and tell me how things are going with your system... problems etc.

Share this post

Link to post

Share on other sites

Thanks again for your help on this matter. Last night I had already Installed Comodo Firewall. It did not like the uninstall process of ComboFix, but it did it. lol.

I took care of the other things that said to do as well.

I was also going to install the Comodo Anti-Virus and BHO process, instead of running Microsoft Security Essentials, but they aren't installing for some reason. Something about needing "Internet Security 4.0 or something like that. I'll get on their forum and see what they can do for me.

I have also installed Comodo Verification Engine and WOT on Firefox. Is there any changes you would recommend for me to make to Firefox for security.

Share this post

Link to post

Share on other sites

I've installed both of those and an anti-redirector. I've also gotten rid of Microsoft Security Essentials and have installed the COMODO Internet Security. It includes for FREE an Anti-virus, anti-malware and firewall. It also has a defender program as well. So far I like it really well. Hopefully with all of these changes I won't get hijacked again. Once is to often.